Authenticate User Between ASP And WCF?
Feb 19, 2010
We are developing a browser based intranet application. All users have active directory account, so obvious choice would be use Integrated Windows Authentication. But there will be multiple users accessing same client machine so we decided to use form based authentication (but authenticated against AD). In this scenario what is the best way to authenticate between my ASP.NET application (IIS) and WCF Services (another server IIS 7). I don't want to use asp.Net Compatibility mode or certificate. I am thinking to create another domain account to authenticate ASP.NET and WCF. I am also passing the information about the current ASP.NET user to WCF as header info. Is this the right way to do? The following code will call from ASP.NET to access and get each service method.
// Call WCF service from ASP.NET Application using a new domain account for each call.
proxy.ClientCredentials.Windows.ClientCredential.Domain = "mydomain";
ServiceReference.HelloWorldClient proxy = new ServiceReference.HelloWorldClient();
proxy.ClientCredentials.Windows.ClientCredential.UserName = "new_domain_account";
proxy.ClientCredentials.Windows.ClientCredential.Password = "password";
Is there any better way to authenticate WCF from ASP.NET?
View 4 Replies
Similar Messages:
Jun 8, 2010
I have an asp.net app. It has a page that requires authentication. The authenticated user can view the page because he/she is authenticated. The page makes a jQuery Ajax call to a WCF service. The WCF service checks that the user is authenticated via HttpContext. I have a user that is using WinXP and IE8. This user can authenticate to the page, but when the Ajax call is made from the page to the wb service, the user recieves my "session not authenticated" message on the page, generated by the service and displayed on the page. When I use the same OS/browser combo, the page and service work just fine, as expected; no errors.
What option in this user's IE settings would cause this behavior?
View 1 Replies
Dec 22, 2010
How can we authenticate user in web services like i want that a user with valid id and password should only be able to consume my web service.
i am using .net framework 2.0
View 1 Replies
Dec 14, 2010
I´m building a home page where logged in users shall buy products. To be able to get to the buy page the user already has to be logged in. But when he shall execute the buy he has to reenter his password again to check the user a second time. How do I check if his entered password matches his user password? I´m using the ASP Membership library and I have passwordFormat="Hashed".
View 3 Replies
Jan 27, 2011
working sample of logging in using Twitter (OAuth) for .NET I'm currently using this one [URL] but it only works if I set the callback url to "oob", if I set a real callback url I get "401 unauthorized".
View 4 Replies
Jan 15, 2010
Here's the situation - Most of this ASP.NET Web Forms application (which uses a single master page for all pages) with Forms Authentication, has a standard session timeout, but there are some "modes" where we store an encoded cookie that links the user to their account.
I would like to manually check early on in the page lifecycle for the cookie, and if certain conditions are met, manually re-establish the user's authentication ticket/session.
Where's the best place to do this? Master page Page_Init? Global.asax BeginRequest?
View 1 Replies
Jun 11, 2010
I have a situation where I have to autheticate SharePoint user to another website that is not part of the sharepoint domain without asking user to login again.
I have sharepoint part of domain1. I have users in domain1 that log into sharepoint using NTLM by authenticating to domain1. I don't have any control over this domain and sharepoint configuration. I am working on a ASP.net application which needs to authenticate users from domain1 without prompting users for login if they have already logged into sharepoint server.
I may be able to install a webpart on the Sharepoint if this allows me to do single sign on between sharepoint and my application.
View 1 Replies
Feb 2, 2010
I have a web service set up on an IIS server. When I navigate to the page in a web browser it asks me for my user name an password, as desired. However I want to consume the service in a .NET application (C#). What do I need to do to provide a user name and password programmatically so that I can consume the service? Or is there some other way I should be authenticating a user?
View 1 Replies
Mar 12, 2010
I Need to Authenticate a User by using FormsAuthentication.SetAuthCookie and Check User is Authenticated in Another page Load How to Do this anyone?
Login Page
if (txtuname.Text == "mike")
{
FormsAuthentication.SetAuthCookie("mike", true);
Response.Redirect(FormsAuthentication.DefaultUrl);
}
Welcome Page
PageLoad()
{
}
View 1 Replies
Apr 8, 2010
i want to interlink between 2 applications of mine.. suppose a user has logged in one of my application and me store his username and password in cookies...nd nw i want to use those values in the cookies to log-in in other website without entering the username and password again for the other website. i mean to i want to skip the login page of other website.
protected void btnclick_Click(object sender, EventArgs e)
{
HttpCookie username = new HttpCookie("UserName", "a");
HttpCookie password = new HttpCookie("Password", "a");
Response.Cookies.Add(username);
Response.Cookies.Add(password);
Response.Cookies["UserName"].Expires = DateTime.Now.AddHours(1);
Response.Cookies["Password"].Expires = DateTime.Now.AddHours(1);
}
this is the code for storing values in cookie on click of a button. nw in 2nd application on page load i am using this code.
HttpCookie userName = Request.Cookies.Get("UserName");
HttpCookie password = Request.Cookies.Get("Password");
if (userName != null && password != null)
{
if (Membership.ValidateUser(userName.Value, password.Value))
{
FormsAuthentication.RedirectFromLoginPage(userName.Value, false);
}
}
here m able to get the username nd password but don't how to validate that username and password so that i can skip the login page of this application..m not sure about the code in BOLD above if its rite or worng.. and for Login i am using ASP login Control
in both applications.
View 3 Replies
Mar 25, 2010
how to authenticate a user using the central authentication service?
I created a login page to enter the user name etc. I have the server for the authentication.
View 1 Replies
May 24, 2010
In my ASP.NET application, I need to be able to authenticate/authorise against local Windows users/groups (ie. not Active Directory) on a different machine, as well as be able to change the passwords of said remote local Windows accounts.
Yes, I know Active Directory is built for this sort of thing, but unfortunately the higher ups have decreed it needs to be done this way (so authentication against users in a database is out as well).
I've tried using DirectoryEntry and WinNT like so:
DirectoryEntry user = new DirectoryEntry(String.Format("WinNT://{0}/{1},User",
serverName, username), username, password, AuthenticationTypes.Secure)
but this results in an exception when you try to log in more than one user:
Multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed. Disconnect all previous connections to the server or shared resource and try again.
I've tried making sure my DirectoryEntries are used inside a using block, so they're disposed properly, but this doesn't seem to fix the issue. Plus, even if that did work it is possible that two users could hit that line of code concurrently and therefore try to create multiple connections, so it would be fragile anyway.
Is there a better way to authenticate against local Windows accounts on a remote machine, authorise against their groups, and change their passwords?
View 1 Replies
Jul 3, 2012
I check using web service that we can invoke. So, I use web method at code behind like belowÂ
[WebMethod]public static string ReceiveWebService(string type_list, string type_accom){Â
return string.Format("Thank you ,{0} number of rows inserted!", rowsInserted);}
And check user session at load like below
if (Session["user"] == "Abhijit"){}else{Response.Redirect("Login.aspx");}
Is this process secure?
View 1 Replies
Mar 7, 2010
I am creating a website for reset the password in one of the application from the back end.
I have created a webpage with only one button called "RESET".
If user click the button, it should check the user have already access the application from the "USER" table. If no access, the message appears "You do not have an access."
If yes, next step whether the user have authenticate. If yes update the encrypted password from new table called "UMRESET" to the application table "USER" password.
View 2 Replies
Jul 5, 2010
The below code and the config works fine, but force to enter user name/password case sensitively, i want to make it non case sensitive.
Code:
protected void LoginButton_Click(object sender, EventArgs e)
{
try
{
string uid = UserText.Text.Trim();
string pwd= PwdText.Text.Trim();
if (string.IsNullOrEmpty(uid) ||
string.IsNullOrEmpty(pwd)).....
View 3 Replies
Aug 13, 2010
how can add another dropdown inside the login control and authenticate the user on the basis of user name,password,and location.
is there any other way?
View 5 Replies
Jan 26, 2010
I want to check that the user trying to log-in is authenticated and it belongs to a certain role. For this I have wrote the following code
protected void btnLoginButton_Click(object sender, EventArgs e)
{
/
if (this.User.Identity.IsAuthenticated && this.User.IsInRole("Admin"))
{
Response.Redirect("~/Admin/Default.aspx");
}
if (this.User.Identity.IsAuthenticated && this.User.IsInRole("Editor"))
{
Response.Redirect("~/Editor/Default.aspx");
}
if (this.User.Identity.IsAuthenticated && this.User.IsInRole("Moderator"))
{
Response.Redirect("~/Moderator/Default.aspx");
}
}
But when I ran this code it gave me this error error CS1061: 'Page' does not contain a definition for 'User' and no extension method 'User' accepting a first argument of type 'Page' could be found (are you missing a using directive or an assembly reference?) I have already added following directives to cs page-
using System;
using System.Data;
using System.Configuration;
using System.Collections;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
Can anybody tell what directie I should add for "this.User" <P.S> My application is web based and it is in ASP.Net 3.5(C#).
View 6 Replies
Feb 25, 2010
Im creating an application where the user table is stored outside the database, therefore i wont need to use the built-in asp.net user tables. However i would still like to use all the features the asp.net membership security provides i.e. restrict users from certain pages using the web.config
I would like to authenticate the user manually and set roles to that user temporarily only for that session. Is this possible?
View 1 Replies
Jul 26, 2010
There is one page which is actually a streaming to The Axis IP camera which spits MJPEG output.It requires user to log in with the user name/password promp on browser .I am using this stream to show video directly on a web page.It shows video correctly but asks user to provide correct user name and password set for the camera,I tried to logging in to this camera on server side using HTTP requests and then I realized I authenticated server request not the browser the end user is using.
So what I want is a method server side or client side, that can allow me to log-in to camera automatically when my end-users visit this page.I am using asp.net with c# 2005
View 1 Replies
Mar 6, 2011
I am using an email address as my "username" for Login. When a user logs in the User object that is created has the Email address as the name which is incorrect. The actual name is another field in the DB. How do I login and authenticate against the email address and then load the correct name in the User object?
I am using forms authentication with a custom MembershipProvider and RoleProvider.
Edits Below to Clarify
I have a custom MembershipProvider that validates users by email address and password. It is called by the basic Login Control and registered in web.config.
[code]....
View 4 Replies
Feb 8, 2011
I currently have an odd problem with ASP.Net authentication. Consider the two following lines:
MembershipCreateStatus ct = new MembershipCreateStatus();
Membership.CreateUser("admin", "mypassword", "test@gmail.com", "1", "1", true, out ct);
This does register my user in my database. I have verified this.However, when I run this immediately after:
FormsAuthentication.Authenticate("admin", "mypassword");
The authentication fails. The weird thing is I know for a fact that the user does exist in the db, and that is further confirmed if i run
MembershipUserCollection uc = Membership.FindUsersByName("admin");
and uc does hold my admin user withe all the proper info. why Authenticate would return false?
View 1 Replies
Aug 11, 2010
I created one application, and I need to authenticate local user. This user is the user who is login to his/her Personal Computer.. Main thing his that he/she does not in any DOMAIN... I want NON-DOMAIN authentication.
View 4 Replies
Feb 4, 2010
I just begin creating a website for an organization. First page to be displayed in the login page. I dont have any knowledge in ASP.NET Security. On Login page, i want to display UserName field as disabled with the useralias of the user who currently logged into Windows. Password user has to provide and it should be that user's windows password.
How do i validate that password that user has entered is his windows password?
View 2 Replies
Feb 7, 2011
I have built a login form that does not use the asp.net 'login' control.
in my code behind i have this:
[Code]....
but this does not seem to maintain my user loged in... as soon as the user navigates to the next page he is loged out again...
View 3 Replies
Sep 28, 2010
How to authenticate an user against a particular OU in Active Directory. If the AD holds 50 OUs I don't want to look into all 50 OUs , instead it should look into a particular OU( for eg: OU=dotnet users) to authenticate the user.
View 1 Replies
